‘Attempted heist of $1 billion by unidentified hackers’ the shot rang out across the financial world which experienced first-hand the tremors of cybercrime.
The yet to be identified hackers made off with $81 million and embroiled Rizal Commercial Banking Corporation (the bank used as a conduit for the heist), in penalties totaling 1P billion imposed by Bangko Sentral ng Pilipinas (BSP).
Meanwhile, the Monetary Authority of Singapore (MAS) fined DBS and UBS (2 of their biggest banks) amounts totaling $4 million for alleged money-laundering activities connected with Malaysian sovereign fund 1MDB.
Banks across China to Singapore to Philippines to smaller nations, are regularly falling prey to cybercrime, banking fraud and money laundering.
Let’s take a closer look at 5 prominent examples from recent survey reports and a few doable ideas to start beating the threat.
China
China was one of the countries surveyed for the state of financial crime. Some of the eye-openers include:
● 63% from organizations affected by financial crime said the most severe losses were incurred when an insider was involved in the fraud.
● 35% of respondents had no idea about the number of times their organizations had conducted a fraud risk assessment in the last 2 years.
● Corruption and bribery were pointed out as the most likely trends in organizations by 38% of respondents.
● While 36% claimed that an opponent of their organization got the upper hand in competition by paying a bribe, 22% said that they were asked for bribes.
Meanwhile, in Hong Kong and Macau –
● Money laundering and cybercrime are the most prominent themes.
● 50% claimed that cybercrime was the biggest threat to their organizations.
● 43% said their strategies against money laundering failed because organizations were unable to hire proficient, experienced people.
Singapore
Being a powerful investment banking hub, the nation has the most stringent compliance regulations. The recent 1 Malaysia Development Berhad (1MDB) bank fiasco and the subsequent lapses discovered in a number of banks that acted as a conduit for funds has severely challenged the nation’s risk compliance framework.
Alarming findings from recent surveys and other reports include:
● Rate of card fraud in the country is the 6th highest in the world and the 3rd highest in Asia-Pacific! About 66% of consumers were impacted in 2016.
● ACI Worldwide (a prominent payment solutions & electronic banking firm), reported that around 28% of its customers using debit cards, prepaid cards or credit cards experienced unauthorized transactions in 2014. In 2016, the number rose to 36%.
● Switzerland-based bank Falcon’s Singapore unit was shut down because of its involvement in the 1MDB debacle. The bank has been fined around 14 times a whopping $3.12 million for breaching anti-money laundering laws!
● While having a strong framework against money laundering, the country has failed to investigate any cases of terrorism financing despite having almost 780 potential leads.
Having noted the flaws in its defence mechanism, the country has pledged to further fortify it. But the constantly changing regulatory standards are making it harder to devise a comprehensive financial crime compliance strategy.
Some of the key requirements in these standards include:
● Creation of an effective FCC target operating model, especially for complex businesses
● Strict adherence to the 3-line “front office, audit and compliance” defence principle
● Demonstrable supervision and governance by the management
● Effective risk assessment and management
Philippines
Another South Asian country that is yet to achieve 100% compliance with respect to economic crime is Philippines. Regardless of its seemingly effective strategies against financial crime, banks in Philippines country are very often targeted by cyber criminals. PwC’s economic crime survey reveals:
● Around 36% of firms in Philippines are vulnerable to economic crime.
● More than 25% of respondents who participated in the survey, claimed they have had to pay bribes more often than their regional or global counterparts.
● Over 50% of respondents don’t have faith in law enforcement when it comes to combating financial crime.
Thailand
The situation in Thailand regarding financial crime is no better. In a survey by PwC, the response of whether they experienced financial fraud in 2016 was a 26% yes.
While most firms seem to have a defence strategy against financial crime and money laundering in place, many are blissfully ignorant about the repercussions of fraud.
Respondents were also asked to opine about the factors which contributed to fraud. While 24 % said that financial fraud is mainly motivated by the incentive (a person is likely to receive on misappropriating assets), 64% said that the opportunity to commit fraud – which only employees have – is the main factor.
6% claimed that rationalization, due to which a person commits a fraud and justifies the same, is the main cause.
Vietnam
Investments in Vietnam certainly have advantages owing to recent measures such as revision of Land Law (2013), Investment Law (2014) as well as Enterprise Law (2014).
But prevalent compliance risks pose a vital question – are these investments secure enough? Statistics from recent reports show that:
● Corruption is the greatest hurdle for financial investments in Vietnam.
● Regulatory standards are intricate and often confusing for investors.
● Laws against employee embezzlement or thefts haven’t been enforced properly.
● Around 68% of private firms in the country are able to get contracts only by paying bribes.
Arresting the Trend
There’s little doubt that the situation is a bit like a bomb waiting to go off. With Money Laundering leading the charge followed by Corruption/Internal Fraud & Card Fraud, the situation may seem bleak but not entirely unsalvageable.
While there are several actionable ideas, 4 of them that stand out are –
1. Push for a Regulator-level Transformation.
Assess risks associated with terrorism financing and money laundering, and co-develop a policy to mitigate them. Regulatory bodies must come out with a firm long-standing stance on anti-fraud measures that banks can readily implement. Frequent changes in policy causes considerable operational disruption which inadvertently causes breaches in a bank’s protection systems.
2. View Top-line Growth (upsell / cross-sell) and Bottom-line Protection (losses from Fraud) as 2 sides of the same coin.
Make investments in fraud management to pay for itself because fraud management and cross-sell are actually the ‘yin and yang’ (of risk management and revenue growth). Banks can reuse the in-memory data to offer simultaneous real-time cross-sell and upsell to customers using the same computed memory of fraud management. So the same contextual interventions at play in a real-time, cross-channel fraud prevention solution can also be used to generate revenue.
3. Unify your Bank’s Anti-Fraud & AML Departments into a Single ‘Financial Crimes Department’.
Currently the 2 departments are separate due to the genesis of each. The AML/CFT department was created to address regulatory requirements and the Anti-fraud cell was created within the Risk Department to help banks combat fraud. Money laundering and transactional fraud are closely correlated because transactional fraud is often a ‘predicate crime’ to money laundering. So, a cross-channel holistic approach is far superior because the system is strong in AML/CFT, Transactional Fraud Monitoring, and Enterprise Case Management. Operations can be exponentially more efficient by bringing the 2 departments together into a unified ‘Financial Crimes Department’.
4. Create a Federated, Asia-wide Anti-fraud Network.
Step up the fight to a regional level. A federated approach – specifically a pan-Asian anti-fraud network can be a useful strategy to consolidate, cross-pollinate and share intel among banks in the region. An interconnected framework allows member financial institutions to exchange authentic fraud intelligence in real-time, that can help detect and prevent potential crimes before they are perpetrated.
Data Sources:
1. https://www.pwc.com/sg/en/consulting/assets/economic-crime-survey/economic_crime_survey_2016_singapore.pdf
2. https://www.pwc.com/th/en/publications/2016/economic-crime-thailand2016.pdf
3. http://www.pwccn.com/en/services/consulting/forensic-services/publications/under-attack-are-organisations-doing-enough-to-tackle-the-cyber-threat.html
4. http://www.pwccn.com/en/migration/pdf/forensic-economic-crime-survey-2016.pdf
5. http://www.straitstimes.com/business/1-in-3-spore-consumers-victims-of-card-fraud
6. http://www.iflr.com/Article/3589987/Financial-crime-compliance-trends-in-Singapore.html
7. https://www.bloomberg.com/news/articles/2016-09-27/singapore-has-gaps-to-fill-in-money-laundering-fight-fatf-says
8. https://www.pwc.com/ph/en/consulting/assets/2016/pwcph-report-gecs-2016.pdf
9. http://www.corporatecomplianceinsights.com/cyber-fraud-on-the-rise-in-southeast-asia/
10. http://globalinvestigationsreview.com/insight/the-asia-pacific-investigations-review-2016/1024349/vietnam-compliance-risks
Clari5 customer IndusInd Bank realized that fraud and revenue can be 2 sides of the same coin, and converted this into an opportunity. The genesis of this platform was laid when the bank recognized the importance of integrating insights from different delivery channels into a single platform. To enable real-time detection across different online channels and products, it was essential for IndusInd Bank to correlate data from multiple systems and have an integrated view. [
